Student aids Microsoft

Daniel Bartlett


Alex Ionescu has got the software giant’s attention.

Daniel Bartlett

A software engineering student at Concordia received a lot of attention when he discovered that Microsoft’s new Windows Vista operating system’s digital rights management (DRM) could be cracked.

Alex Ionescu received his first laptop from his father when he was four and a half years old and living in Romania. Fascinated by the technology’s potential, Ionescu had discovered hex editing by the age of seven and was working on password protection programs by the time he moved to Canada in 1994.

Now 20, Ionescu is working for a project called ReactOS, with plans to develop an open source version of Windows.

“As a kid I just loved it, because I quickly understood you could do anything you want with a computer,” he said. “You can sit down and say, ‘I want to do this,” and the computer could do it for you or you could program it to. Other kids got toys, I got computers.”

Ionescu has garnered much attention after showing that Vista’s DRM could be decoded. He was the focus of many news stories in the United Kingdom, New York, California and Canada and online. At one point, his blog received an astounding 60,000 visitors in less than 24 hours.

DRM is technology developed by Hollywood and other companies to manage how you use your media.

“For example, if you buy a CD and it only lets you play it on your computer, that’s a form of DRM,” Ionescu said. “If you buy a movie and you can only watch it five times because you rented it, that’s DRM.”

In order to bypass this technology, Ionescu said Vista’s protected media path (PMP) must first be cracked. PMP is something Microsoft created to certify that users can’t bypass DRM by making sure that every component in the system is protected from hackers or other programs.

“Basically, I found a way in which PMP might not be aware that you’re actually trying to crack the system,” Ionescu said. “I looked at PMP and I saw [that it’s documented to check] for a specific flag on the system. That flag lets you load unsafe components, but PMP checks for that and will disable itself. I found another flag which also lets you load unsafe components, but PMP doesn’t check for that.”

This decoding is extremely important when considering HD DVD and high definition content protection (HDCP) technologies. Ionescu said that in order to watch HD DVDs, consumers need a special screen with HDCP capabilities. Many HDTV screens do not have HDCP technology built in and will not play HD DVDs. This, after consumers have already spent $1,000 or more on their screens.

However, by bypassing the PMP system, consumers could watch their HD DVDs on screens that do not include HDCP technology.

Since reading about Ionescu's DRM crack, Microsoft has been in contact with him and has asked him to write a full report on the bug. They also asked that he not disclose any specific information on the bug itself, but he could still talk to the media and other people about his findings.

“Microsoft knows about my research and I’ve given them the whole information on it,” Ionescu said. “If there is actually some path that could be bypassed, they’re going to patch it.”

For more information on the ReactOS project, visit www.reactos.org